לוח משרות דרושים אנליסט סייבר

As a SecOps Analyst at our company, you will be at the forefront of our organizations defense against cyber threats. Your primary role will be to detect, monitor, analyze, and respond to security events, leveraging advanced tools and techniques to detect and mitigate risks. This role is instrumental in ensuring the security and resilience of our infrastructure environment by focusing on threat detection, intelligence, and response capabilities.
Responsibilities:
Threat Monitoring: Continuously monitor security systems, networks, and endpoints using SIEM, and other InfoSec tools to detect anomalies and threats
Develop and implement new detection and correlation rules to identify and respond to security threats effectively
Alert Investigation: Investigate and triage security alerts to validate threats and assess their impact and fine-tune existing alerts to minimize false positives and improve accuracy.
Incident Response: Lead the initial response to security incidents, including containment, alerting, and escalation
Use Case Development: Design, implement, and optimize detection use cases for new and emerging threats
Log Analysis: Collect, analyze, and interpret logs from diverse sources such as InfoSec tools, internal systems, endpoints, and cloud environments
Threat Intelligence Integration: Monitor external threat intelligence sources (e.g., IOC feeds, OSINT) and apply findings to enhance detection capabilities
Tool Management: Maintain and optimize SOC tools, including SIEM, DLP, and UEBA platforms
Reporting & Dashboards: Create detailed reports on SOC activities and incidents, and create InfoSec dashboards & metrics.

Required Cyber Security Analyst
About the Role:
As a Cyber Security Analyst, you will play a critical role in safeguarding our cloud-based IT infrastructure, products and customers. You will proactively manage security incidents, collaborate closely with various teams, and continuously enhance our security operations and response capabilities.
Key Responsibilities:
Investigate, analyze, and respond to security incidents escalated by our SIEM/SOC service and other internal sources.
Serve as the primary focal point with our SIEM/SOC provider, maintaining high service standards, expanding log coverage, enhancing detection capabilities, and optimizing workflows.
Lead and coordinate incident response activities, ensuring thorough reporting and actionable insights.
Actively participate in developing and refining our incident response playbooks, policies, and security procedures.
Own the handling of hacking and abuse incidents affecting our products and customers, conducting thorough investigations with various tools, proactively blocking abusive accounts, and updating security rules.
Collaborate cross-functionally with IT, Devops, Customer Support, Legal, and other stakeholders to effectively remediate security incidents and strengthen our overall security posture.

we are seeking a Senior Threat Analyst to strengthen our cybersecurity threat intelligence capabilities. The ideal candidate will analyze complex datasets, identify and assess cyber threats, and develop actionable intelligence to mitigate risks from advanced persistent threats (APTs) and cybercriminal groups.
Responsibilities:
Analyze and interpret data from diverse internal and external sources to identify malicious activities and emerging threats.
Develop and maintain intelligence reports, threat actor profiles, and assessments of attack vectors and TTPs.
Enhance and maintain intelligence tools, processes, and platforms.
Collaborate with external threat intelligence communities to stay ahead of evolving threats.
Automate threat hunting and intelligence gathering through high-level programming and ETL pipelines.

The position includes multiple challenging aspects, such as creation of detection analyses, attack scenarios research, team capabilities developments, client interactions, and in-depth investigation, which include host forensics work in both Windows and Linux systems, and cloud environments (e.g., AWS, GCP and Azure).



Main Responsibilities

Perform Post-Breach monitoring activities in global clients environment including in-depth triage of alerts and host forensics analysis.
Develop out-of-the-box and tailor-made analyses and detection to monitor the clients environment, often based on known threat actor tactics, techniques and procedures. This work may include research activities to support the detection development.
Support major Incident Response engagements with accurate detection after a potential active threat actor in the clients network.
Work on maintaining the necessary visibility and log forwarding for the ongoing monitoring engagements, including host-based data, Cloud environments, network devices, etc.
Apply proactive threat hunting approach in ongoing monitoring engagements, including forensic host and network-based analysis, malware hunt and wide IOC searches.
Develop capabilities and automations for alerts handling, triage and escalation, visibility maintenance, reporting, and more.
Onboard new customers by assessing their security posture, tailoring monitoring systems to their environment, and integrating their security frameworks into our services.
Often work alongside global clients security personnel when providing regular updates and following-up on alerts and security events.
Generate and provide reports and metrics on actionable data: incidents, weekly aggregation/trending, follow up procedures, visibility status, etc.

we are looking for a MXDR Analyst to join the team of cybersecurity analysts monitoring services 24/7, tiers 1-2. The role includes development of detection analyses, triage of alerts, investigation of security incidents, proactive threat hunting and enhancement of sensors and overall visibility status. The suitable candidate should be a team player with previous experience in SOC, SecOps or security monitoring, independent, and with a can-do attitude.



Responsibilities

Working across all areas of SOC, including continuous monitoring and analysis, threat hunting, security compliance, security event auditing and analysis, rule development and tuning, and forensics.
Solving security incidents in accordance with defined service level agreements and objectives.
Prioritizing and differentiating between potential incidents and false alarms.
Addressing clients enquiries via phone, email, and live chat.
Working side-by-side with customers, providing insightful incident reports.
Working closely with peers and higher-tier analysts to ensure that your analysis work meets quality standards.
Identifying opportunities for improvement and automation within the MXDR Operation Lead, and leading efforts to operationalize ideas.
Identifying and offering solutions to gaps in current capabilities, visibility, and security posture.
Correlating information from disparate sources to develop novel detection methods.